Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/python-django@1.9.2-1?distro=trixie
Typedeb
Namespacedebian
Namepython-django
Version1.9.2-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.9.4-1
Latest_non_vulnerable_version3:4.2.30-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-y8fz-krt7-vkhp
vulnerability_id VCID-y8fz-krt7-vkhp
summary Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the "Save as New" option when editing objects and leveraging the "change" permission.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2048.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2048.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2048
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34498
published_at 2026-04-04T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34398
published_at 2026-04-18T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34411
published_at 2026-04-16T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34376
published_at 2026-04-13T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.344
published_at 2026-04-12T12:55:00Z
5
value 0.00142
scoring_system epss
scoring_elements 0.34439
published_at 2026-04-11T12:55:00Z
6
value 0.00142
scoring_system epss
scoring_elements 0.34437
published_at 2026-04-09T12:55:00Z
7
value 0.00142
scoring_system epss
scoring_elements 0.3413
published_at 2026-04-01T12:55:00Z
8
value 0.00142
scoring_system epss
scoring_elements 0.3447
published_at 2026-04-02T12:55:00Z
9
value 0.00142
scoring_system epss
scoring_elements 0.34408
published_at 2026-04-08T12:55:00Z
10
value 0.00142
scoring_system epss
scoring_elements 0.34366
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2048
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2048
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/adbca5e4db42542575734b8e5d26961c8ada7265
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/adbca5e4db42542575734b8e5d26961c8ada7265
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-14.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-14.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2048
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
3
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2048
8
reference_url https://web.archive.org/web/20210123075529/http://www.securityfocus.com/bid/82329
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123075529/http://www.securityfocus.com/bid/82329
9
reference_url https://web.archive.org/web/20211204051406/http://www.securitytracker.com/id/1034894
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204051406/http://www.securitytracker.com/id/1034894
10
reference_url https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189
11
reference_url https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
12
reference_url http://www.securityfocus.com/bid/82329
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/82329
13
reference_url http://www.securitytracker.com/id/1034894
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034894
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302699
reference_id 1302699
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302699
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813448
reference_id 813448
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813448
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*
18
reference_url https://github.com/advisories/GHSA-46x4-9jmv-jc8p
reference_id GHSA-46x4-9jmv-jc8p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-46x4-9jmv-jc8p
fixed_packages
0
url pkg:deb/debian/python-django@1.9.2-1?distro=trixie
purl pkg:deb/debian/python-django@1.9.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.9.2-1%3Fdistro=trixie
1
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie
2
url pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ff2a-at5f-2qa8
3
vulnerability VCID-gfym-spzk-w7gk
4
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie
5
url pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie
aliases CVE-2016-2048, GHSA-46x4-9jmv-jc8p, PYSEC-2016-14
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8fz-krt7-vkhp
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.9.2-1%3Fdistro=trixie